BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Clean Application Compartmentalization with SOAAP - Khilan Gudka (
 University of Cambridge)
DTSTART:20151001T140000Z
DTEND:20151001T150000Z
UID:TALK60615@talks.cam.ac.uk
CONTACT:Eiko Yoneki
DESCRIPTION:Application compartmentalization\, a vulnerability mitigation 
 technique employed in programs such as OpenSSH and the Chromium web browse
 r\, decomposes software into isolated components to limit privileges leake
 d or otherwise available to attackers. However\, compartmentalizing applic
 ations – and maintaining that compartmentalization – is hindered by ad
  hoc methodologies and significantly increased programming effort. In prac
 tice\, programmers stumble through (rather than overtly reason about) comp
 artmentalization spaces of possible decompositions\, unknowingly trading o
 ff correctness\, security\, complexity\, and performance. We present a new
  conceptual framework embodied in an LLVM-based tool: the Security-Oriente
 d Analysis of Application Programs (SOAAP) that allows programmers to reas
 on about compartmentalization using source-code annotations (compartmental
 ization hypotheses). We demonstrate considerable benefit when creating new
  compartmentalizations for complex applications\, and analyze existing com
 partmentalized applications to discover design faults and maintenance issu
 es arising from application evolution.\n\nBio: Khilan Gudka is a Research 
 Associate in the Security group at the University of Cambridge Computer La
 boratory. Prior to this he did his PhD at Imperial College London. His res
 earch interests include software compartmentalisation\, capability systems
 \, static/dynamic program analysis\, compilers/runtimes and concurrency.\n
LOCATION:FW26\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR